'''Title:''' Introduction to OWASP Projects and Resources by Marian Ventuneac

'''Title:''' Introduction to OWASP Projects and Resources by Marian Ventuneac

−

<br>

+

<br><br>

'''Abstract:''' From training to secure code review and penetration testing, OWASP Projects and Resources can be of great

'''Abstract:''' From training to secure code review and penetration testing, OWASP Projects and Resources can be of great

benefit in defining and implementing security requirements as part of software development processes. This presentation will provide an introduction to the OWASP Projects and Resources which can be used for assessing and strengthening security of both open-source and enterprise Web Applications.

benefit in defining and implementing security requirements as part of software development processes. This presentation will provide an introduction to the OWASP Projects and Resources which can be used for assessing and strengthening security of both open-source and enterprise Web Applications.

'''Title:''' The Penetration Testing Golden Rules - how to get the best results by Jason Flood and Javier Marcos de Prado

<br><br>

<br><br>

−

'''Title:''' The Penetration Testing Golden Rules - how to get the best results by Jason Flood and Javier Marcos de Prado

−

<br>

'''Abstract:''' Jason Flood and Javier Marcos de Prado from Lotus Security and System Test IBM Dublin Software Lab will be

'''Abstract:''' Jason Flood and Javier Marcos de Prado from Lotus Security and System Test IBM Dublin Software Lab will be

giving a presentation on the hacker mindset. This discussion will demonstrate the thought processes involved in how targets are chosen and how vulnerabilities are found. The presentation will feature demonstrations on common vulnerabilities as well as how best to use open source tool's such as a proxy to carry out an ethical penetration test.

giving a presentation on the hacker mindset. This discussion will demonstrate the thought processes involved in how targets are chosen and how vulnerabilities are found. The presentation will feature demonstrations on common vulnerabilities as well as how best to use open source tool's such as a proxy to carry out an ethical penetration test.

−

<br>

+

<br>< br>

'''Presenters:''' Jason Flood holds a degree in Applied Science and a Masters in Security and Forensic computing. He is

'''Presenters:''' Jason Flood holds a degree in Applied Science and a Masters in Security and Forensic computing. He is

currently doing a PhD in the area of cloud security. He has been working in IBM for the last 3 years. In total he has 8 years development experiance and 2 years in security. He currently works as a grey-box security tester. He has spoken several time at different universities on the subject of Security.

currently doing a PhD in the area of cloud security. He has been working in IBM for the last 3 years. In total he has 8 years development experiance and 2 years in security. He currently works as a grey-box security tester. He has spoken several time at different universities on the subject of Security.

Revision as of 10:54, 14 March 2011

OWASP Ireland-Limerick

Welcome to the Ireland-Limerick chapter homepage. Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

OWASP Ireland Limerick 2011 Agenda

MARCH 2011

OWASP Opening Meeting

When: 24/3/2011 7:00pm - 8:30pm

Where: Limerick City Council, Ireland

Title: Introduction to OWASP Projects and Resources by Marian Ventuneac

Abstract: From training to secure code review and penetration testing, OWASP Projects and Resources can be of great
benefit in defining and implementing security requirements as part of software development processes. This presentation will provide an introduction to the OWASP Projects and Resources which can be used for assessing and strengthening security of both open-source and enterprise Web Applications.

Title: The Penetration Testing Golden Rules - how to get the best results by Jason Flood and Javier Marcos de Prado

Abstract: Jason Flood and Javier Marcos de Prado from Lotus Security and System Test IBM Dublin Software Lab will be
giving a presentation on the hacker mindset. This discussion will demonstrate the thought processes involved in how targets are chosen and how vulnerabilities are found. The presentation will feature demonstrations on common vulnerabilities as well as how best to use open source tool's such as a proxy to carry out an ethical penetration test.
< br>
Presenters: Jason Flood holds a degree in Applied Science and a Masters in Security and Forensic computing. He is
currently doing a PhD in the area of cloud security. He has been working in IBM for the last 3 years. In total he has 8 years development experiance and 2 years in security. He currently works as a grey-box security tester. He has spoken several time at different universities on the subject of Security.

Javier Marcos de Prado holds a MSc in Computer Engineering by the University of Leon (Spain) and a MSc in Security and
Forensic Computing by the Dublin City University (DCU). He has been working in IBM for the last four years and his background goes from developer to sysadmin and now he works in the Ethical Hacking Team performing white-box and black-box security assessments. Javier is a regular speaker at security trainings and technical sessions also he have spoken at DCU about web application vulnerabilities and how to exploit them, to show real risks and analyse real attacks.
Download: Not available